cobaltstrike | 3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630 | Triage

Submit
Reports

Overview

overview

Static

static

3

3caff77aa0...30.exe

windows7-x64

3caff77aa0...30.exe

windows10-2004-x64

Analysis

max time kernel
147s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
21/03/2025, 09:54

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630.exe

Resource

win7-20250207-en

cobaltstrike backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630.exe

Resource

win10v2004-20250314-en

cobaltstrike backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630.exe
Size

240KB
MD5

bd2311efd39d80468a127ec2a762dd79
SHA1

69b47b6ebec1b032478d9101eccba56b526013f9
SHA256

3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630
SHA512

af53495e525585001babc42e9bd11486beb77c9e95472eaf9ed0e70e420f217e159ebe72090de7796bd27c589934ef90c84c37abee6e5ffa0210a285d363c9f8
SSDEEP

3072:WsxZF0BeaUGK2sexQYnSvuRkaehePEJGaNALLVv13Jrc4pE62MBeIaH+s2kUAUfj:jeNnJTeQsJGa+LLVhrFpBRr

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.0.1.4:8090/HZkP

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSMSE)

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike
Cobaltstrike family
cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630.exe
"C:\Users\Admin\AppData\Local\Temp\3caff77aa0c6f4854670c476bf2d7115fb5d11296798ef5d0db3ebfe5d867630.exe"
1⤵
PID:1200

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1200-0-0x000001C42C560000-0x000001C42C561000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy